v0.2.1

What's Changed

• Split rubygems release to matrix by @segiddins in #176
• Bump step-security/harden-runner from 2.10.1 to 2.10.2 in the actions group by @dependabot in #177
• Fix path in release-rubygems gem push step by @segiddins in #178
• Fix path in release-rubygems gem push step for attestation by @segiddins in #179

Full Changelog: v0.2.0...v0.2.1

v0.2.0

What's Changed

• Bump the actions group with 2 updates by @dependabot in #148
• Bump the actions group with 2 updates by @dependabot in #149
• Bump actions/checkout from 4.2.1 to 4.2.2 in the actions group by @dependabot in #151
• Bump rubygems/configure-rubygems-credentials from 2fc7b42c46c46844fa52a1554212acd445708860 to a2b9242bc411d79356771fc9b9ddebcc3cd1b5dd in the actions group by @dependabot in #152
• Improve error handling by @segiddins in #153
• Bump rexml from 3.3.8 to 3.3.9 in the bundler group by @dependabot in #154
• Bump actions/dependency-review-action from 4.3.5 to 4.4.0 in the actions group by @dependabot in #155
• Bump ruby/setup-ruby from 1.197.0 to 1.198.0 in the actions group by @dependabot in #156
• Bump the actions group with 2 updates by @dependabot in #157
• Bump sigstore/sigstore-conformance from e0d6a7e0d402c8f9abe1dca102de8c42de9179d5 to d93d46c0e864084fbb78015a5b7d4f5b1d7e641d in the actions group by @dependabot in #159
• Bump ruby/setup-ruby from 1.199.0 to 1.200.0 in the actions group by @dependabot in #160
• Bump net-http from 0.4.1 to 0.5.0 by @dependabot in #161
• Bump uri from 0.13.1 to 1.0.0 by @dependabot in #163
• Bump ruby/setup-ruby from 1.200.0 to 1.201.0 in the actions group by @dependabot in #162
• Bump the actions group with 2 updates by @dependabot in #165
• Bump softprops/action-gh-release from 2.0.9 to 2.1.0 in the actions group by @dependabot in #166
• Bump uri from 1.0.0 to 1.0.1 by @dependabot in #164
• Bump github/codeql-action from 3.27.1 to 3.27.3 in the actions group by @dependabot in #167
• Bump uri from 1.0.1 to 1.0.2 by @dependabot in #168
• Bump rubocop-performance from 1.22.1 to 1.23.0 by @dependabot in #172
• Bump the actions group across 1 directory with 2 updates by @dependabot in #173
• Improve compatibility with sigstore-js mock server by @segiddins in #170
• Concat into a single buffer for JSON.canonical_generate by @segiddins in #169
• Extract cli into a separate gem we can publish by @segiddins in #174
• Bump version to 0.2.0 by @segiddins in #175

Full Changelog: v0.1.1...v0.2.0

v0.1.1

What's Changed

• Fix release automation so task can succeed by @segiddins in #143
• Set audience to sigstore when requesting id token by @segiddins in #145
• Parse out the id token value in smoketest by @segiddins in #146
• Bump the actions group across 1 directory with 4 updates by @dependabot in #144
• Run smoketest as part of CI by @segiddins in #147

Full Changelog: v0.1.0...v0.1.1

v0.1.0

What's Changed

• Adopt some github workflows from sigstore-python by @segiddins in #2
• Bump rake from 13.1.0 to 13.2.1 by @dependabot in #5
• Bump codecov/codecov-action from 4.0.1 to 4.3.0 in the actions group by @dependabot in #3
• Bump rubocop from 1.60.2 to 1.63.4 by @dependabot in #4
• [StepSecurity] Apply security best practices by @step-security-bot in #6
• Update precommit config by @segiddins in #7
• Bump the actions group with 4 updates by @dependabot in #8
• Bump codecov/codecov-action from 4.3.0 to 4.3.1 in the actions group by @dependabot in #10
• Better errors + x509 parsing by @segiddins in #9
• Bump ruby/setup-ruby from 1.175.1 to 1.176.0 in the actions group by @dependabot in #12
• Bump actions/checkout from 4.1.4 to 4.1.5 in the actions group by @dependabot in #13
• Begin implementing dsse/in-toto support by @segiddins in #11
• Bump github/codeql-action from 3.25.3 to 3.25.4 in the actions group by @dependabot in #14
• Bump ossf/scorecard-action from 2.3.1 to 2.3.3 in the actions group by @dependabot in #16
• Bump github/codeql-action from 3.25.4 to 3.25.5 in the actions group by @dependabot in #17
• Bump codecov/codecov-action from 4.3.1 to 4.4.0 in the actions group by @dependabot in #18
• Bump the actions group across 1 directory with 4 updates by @dependabot in #20
• Bump step-security/harden-runner from 2.7.1 to 2.8.0 in the actions group by @dependabot in #21
• Bump ruby/setup-ruby from 1.177.0 to 1.177.1 in the actions group by @dependabot in #22
• Bump rubocop from 1.63.4 to 1.64.0 by @dependabot in #23
• Use ruby 3.3.1 in development by @segiddins in #24
• Bump webmock from 3.23.0 to 3.23.1 by @dependabot in #25
• Bump rubocop from 1.64.0 to 1.64.1 by @dependabot in #26
• Bump timecop from 0.9.8 to 0.9.9 by @dependabot in #29
• Bump the actions group across 1 directory with 4 updates by @dependabot in #33
• Bump the actions group with 3 updates by @dependabot in #34
• Bump the actions group with 2 updates by @dependabot in #35
• Bump timecop from 0.9.9 to 0.9.10 by @dependabot in #36
• Bump ruby/setup-ruby from 1.180.0 to 1.180.1 in the actions group by @dependabot in #37
• Add codeowners file by @segiddins in #43
• Update staging root to version 8 by @segiddins in #41
• Extract TUF config to a class by @segiddins in #39
• Implement TUF hash/length verification by @segiddins in #40
• Start adding some tests for merkle verification by @segiddins in #42
• Bump ruby/setup-ruby from 1.180.1 to 1.182.0 in the actions group by @dependabot in #54
• TSA verification by @segiddins in #44
• Bump the actions group with 2 updates by @dependabot in #57
• Extract TUF Updater into tuf/ by @segiddins in #56
• Support DSSE 0.0.1 DSSE envelopes by @segiddins in #58
• Bump the actions group across 1 directory with 2 updates by @dependabot in #60
• Bump ruby/setup-ruby from 1.185.0 to 1.187.0 in the actions group across 1 directory by @dependabot in #63
• Bump the actions group across 1 directory with 2 updates by @dependabot in #65
• Bump the actions group across 1 directory with 2 updates by @dependabot in #67
• Bump rexml from 3.2.8 to 3.3.2 in the bundler group by @dependabot in #68
• Refactor verifier to perform steps in the order given by the spec by @segiddins in #55
• Bump ruby/setup-ruby from 1.187.0 to 1.188.0 in the actions group by @dependabot in #70
• Conformance fixes on ruby-head in CI by @segiddins in #73
• Exclude conformance tests from rubocop by @segiddins in #38
• Add default excludes to rubocop by @segiddins in #77
• Bump the actions group across 1 directory with 4 updates by @dependabot in #76
• Bump rexml from 3.3.2 to 3.3.3 in the bundler group by @dependabot in #74
• Bump step-security/harden-runner from 2.9.0 to 2.9.1 in the actions group by @dependabot in #78
• Bump the actions group with 2 updates by @dependabot in #79
• Bump github/codeql-action from 3.26.0 to 3.26.1 in the actions group by @dependabot in #80
• Bump github/codeql-action from 3.26.1 to 3.26.2 in the actions group by @dependabot in #82
• Add merkle inclusion proof tests by @segiddins in #83
• TUF conformance by @segiddins in #69
• Bump vcr from 6.2.0 to 6.3.0 by @dependabot in #84
• Bump vcr from 6.3.0 to 6.3.1 by @dependabot in #87
• Support rsa-pkcs1v15-sha256 keys by @segiddins in #86
• Fix TUF rollback protection by @segiddins in #89
• Bump rexml from 3.3.3 to 3.3.6 in the bundler group by @dependabot in #91
• Update vendored trusted roots by @segiddins in #93
• Fix walk of target delegations to be DFS by @segiddins in #95
• Bump github/codeql-action from 3.26.2 to 3.26.5 in the actions group across 1 directory by @dependabot in #96
• Bump theupdateframework/tuf-conformance from 2c8a0a73f2eea756ddc2e8b11077cb063aa221ed to a45d2183228f9bed664616669c11d19558e0be3f in the actions group by @dependabot in #97
• Bump theupdateframework/tuf-conformance from a45d2183228f9bed664616669c11d19558e0be3f to b8f2205151cf52499becade10fd9cddf574e6bf1 in the actions group by @dependabot in #98
• Bump the actions group across 1 directory with 2 updates by @dependabot in #100
• Bump the actions group across 1 directory with 3 updates by @dependabot in #106
• Bump step-security/harden-runner from 2.9.1 to 2.10.0 in the actions group by @dependabot in #107
• Bump the actions group across 1 directory with 2 updates by @dependabot in #109
• Bump rubocop-performance from 1.21.1 to 1.22.0 by @dependabot in #111
• Bump the actions group across 1 directory with 2 updates by @dependabot in #113
• Bump rubocop-performance from 1.22.0 to 1.22.1 by @dependabot in #114
• Bump github/codeql-action from 3.26.7 to 3.26.8 in the actions group by @dependabot in #115
• Bump theupdateframework/tuf-conformance from e9a3a160751549e8a9fd92b267a5c92247d9df82 to 307fb63cefc6c47d2c4c20e579f5e2f258c9e83f in the actions group by @dependabot in #116
• Sigstore signer by @segiddins in #81
• Bump rubocop from 1.64.1 to 1.66.1 by @dependabot in #104
• Update vendored trusted roots by @segiddins in #112
• Restrict ci workflow github token permissions by @segiddins in #117
• Stop using RubyGems for conformance testing CLI by @segiddins in #120
• Improved JRuby compatibility by @segiddins in https://github.com/sigsto...